Cyber-attacks now Targeting End-users

According to Zscaler, a security firm, cyber goons are shifting their focus from attacking e-mail and Web servers to attacking computers of the end-users. The objective is to hijack those machines and gain access through the weakest link in the security string, i.e. the end-user.

The security firm added that end-users are becoming increasingly exposed to Web-based malware, social engineering, virus attacks and technical vulnerabilities.

Zscaler further explained that it's relatively easier to trick computer-users into downloading multiple malicious programs that can be as varied as bogus applications, free music, fake anti-virus software or adult content. Often, to view the adult stuff, a user is asked to download and run an ActiveX component or video codec. Consequently, he becomes an easy victim of password-protected codes that are also encrypted.

Moreover, it is to be noted that Zscaler found that attackers notably embedded malicious iframes or JavaScript for extracting material from a server to then deliver it onto an end-user's Web-browser.

Thereafter, the malware will grab control over the end-user's computer via vulnerable Web-browser or through flawed client software like Adobe Acrobat Reader. Consequently, it becomes possible to steal the credentials of innocent victims.

Besides this, Zscaler also discovered that a few users made efforts towards installing "anonymizers" i.e., tools which prevent tracing of online activity. This was done to conceal a client Internet Protocol address for facilitating access to unwanted stuff like pornography or gambling websites.

Furthermore, according to the researchers, anti-virus solutions continue to be similarly strong like before; however, malware is getting tougher too. While it's quite simple for online cyber crook to contaminate an end-user's system, it is far simpler for the latter to protect his system from harmful software. End-users can remain malware-free if they don't purchase or install software from any Internet site that's known to disseminate malicious programs as well as avoid clicking Web-links connecting to doubtful URLs.

Zscaler also advised users to be more careful while conducting online financial dealings and to use Web-based defenses as far as possible.

The researchers added that irrespective of the extent of potentiality of Web-security software and anti-virus solutions, protecting PCs against malware necessarily requires end-users to remain vigilant, always.